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DETAILED ACTION 

1 . Claims 1-24 are pending and are presented for examination. A formal action on the 
merits of claims 1-24 follows. 



Drawings 

2. The drawings are objected to under 37 CFR 1.83(a) because they fail to show a clear 
depiction of the invention, specifically, a detailed flow chart depicting the various replacement of 
address information that occurs as described in the specification. Any structural detail that is 
essential for a proper understanding of the disclosed invention should be shown in the drawing. 
MPEP § 608.02(d). Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required 
in reply to the Office action to avoid abandonment of the application. Any amended replacement 
drawing sheet should include all of the figures appearing on the immediate prior version of the 
sheet, even if only one figure is being amended. The figure or figure number of an amended 
drawing should not be labeled as "amended." If a drawing figure is to be canceled, the 
appropriate figure must be removed from the replacement sheet, and where necessary, the 
remaining figures must be renumbered and appropriate changes made to the brief description of 
the several views of the drawings for consistency. Additional replacement sheets may be 
necessary to show the renumbering of the remaining figures. The replacement sheet(s) should be 
labeled "Replacement Sheet" in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any 
portion of the drawing figures. If the changes are not accepted by the examiner, the applicant will 
be notified and informed of any required corrective action in the next Office action. The 
objection to the drawings will not be held in abeyance. 
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Claim Rejections - 35 USC § 112 

3. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

4. Claims 3-4, 15 and 20 are rejected under 35 U.S.C. 1 12, first paragraph, as failing to 
comply with the enablement requirement. The claim(s) contains subject matter which was not 
described in the specification in such a way as to enable one skilled in the art to which it pertains, 
or with which it is most nearly connected, to make and/or use the invention. Applicant has not 
shown how the determination will be made that a port can be replaced by a gateway. It is 
unclear as to what the DPM driver/server uses to distinguish whether the port is replaceable or 
not. Proper correction is required. 



Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 1-2, 5-8, 12-14 and 16-17 are rejected under 35 U.S.C. 103(a) as being 



unpatentable over Bhatia (U.S. 6,563,824) in view of Gbadegesin (U.S. 6,754,709). 
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Regarding claim 1, Bhatia teaches a method for dynamically managing port and network 
addresses for a first network comprising: 

obtaining a first port for an application session, the application session requiring 
communication with the second node [Bhatia — Col. 13 lines 12-59 (Table 1) - Initial packet 
is sent from client workstation to LAN modem containing a private source IP and private 
port, after the session has obtained it, for communicating with a second node]; 

exchanging information for reserving a network address of the second type and, if the 
first port is replaceable, for dynamically assigning a second port [Bhatia — Col. 14 lines 4-59 - 
LAN modem uses the information contained in the outgoing packet to reserve and replace 
the source IP address and source port with a public source IP address and unique public 
port in order to allow communication outside the private network. The port is replaced to 
a unique port, thereby implying the port is replaceable; otherwise the port would not have 
been replaced]; 

using the network address of the second type and the dynamically assigned second port 
for completing the communications of the application session [Bhatia Col. 16 lines 31-41 - 
Using both the public IP address, i.e. address of the second type, and the publicly assigned 
port, communication with the remote server is begun ], 

wherein the information exchanged indicates a network address and port of the second 
node [Bhatia - Col. 13 lines 12-24 - Information exchanged with LAN modem device 
contains the IP address and port of the server, i.e. destination, node]. 

Bhatia fails to explicitly teach a DPM driver exchanging information with a DPM server in order 
to communicate and provide intelligent NAT services. 
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Gbadegesin, however, discloses a transparent proxy on the network gateway machine, i.e. DPM 
server, which can be initiated by the NAT API, i.e. DPM driver, on the client for exchanging 
information regarding the source and destination ports and addresses [Gbadegesin -- Col. 8 lines 
31-67 -Col. 9 lines 1-5] 

It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to incorporate the intelligent NAT services by providing a transparent proxy API library in 
communication with a NAT API, as taught by Gbadegesin into the invention of Bhatia, in order 
to provide intelligence and value added network services which does not lead to performance 
degradation [Gbadegesin — Col. 3 lines 30-34]. 

Regarding claim 2, Bhatia-Gbadegesin teach the invention substantially as claimed, as 
aforementioned in claim 1 above, including wherein the DPM driver, i.e. NAT API uses a first 
network address of the first type, and the DPM server, i.e. transparent proxy, uses a 
predetermined port and a second network address of the first type for information exchanged 
between the DPM driver and the DPM server [Gbadegesin - Col. 8 lines 43-57 - DPM driver, 
i.e. NAT API, sends the packet information using the initially established private source IP 
address, i.e. first network address of the first type, to the network gateway, i.e. running the 
transparent proxy, which is accessed using a local address, i.e. private IP address and port, 
for communication]. 

Regarding claim 5, Bhatia-Gbadegesin teach the invention substantially as claimed, as 
aforementioned by claim 1 above, including wherein the step further comprising changing, by 
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the DPM driver, the network address of the second node and its port for the application session 
to the second network address of the first type and a predetermined port of the gateway for one 
or more packets of the application session [Gbadegesin — Col. 8 lines 43-67 - Col. 9 lines 1-5 
and lines 26-44 — NAT API, i.e. DPM driver, initiates redirection such that the destination 
address of packets are changed from the destination address/port of the server to a local 
address of the transparent proxy and a port on the transparent proxy before allowing the 
application session to continue]. 

Regarding claim 6, Bhatia-Gbadegesin teach the invention substantially as claimed, as 
aforementioned in claim 1 above further comprising: 

including, by the DPM server, i.e. transparent proxy, the network address and port for the 
second node as a destination network address and destination port for one or more data packets 
of the application session initiated by the first node [Gbadegesin Col. 8 lines 57-67 - Col. 9 
lines 1-5 and lines 26-44 - Proxy forwards client request to original server by replacing the 
destination address with the original destination address/port of the server]; and 

assigning the network address of the second type and the first port or the second port if 
the first port is replaceable as a source network address and source port for the data packets of 
the application session initiated by the first node [Gbadegesin — Col. 8 lines 57-67 - Col. 9 
lines 1-5 and lines 26-44 - Transparent proxy, similarly, replaces the source address/port 
for the packet to the original source address/port]. 
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Regarding claim 7, Bhatia-Gbadegesin teach the invention substantially as claimed, as 
aforementioned in claim 1 above including updating a look-up table indicating a one-to-one 
relationship between the reserved network address associated with either the first port or second, 
i.e. replaced, port and the first network address of the first type associated with the first port 
[Bhatia Col. 13 lines 56-67 - Col. 14 lines 1-3 - NAT table contains a distinct pair 
association, i.e. one-to-one, mapping of the private source address/port and the public 
source address/port]. 

Regarding claim 8, Bhatia-Gbadegesin teach the invention substantially as claimed, as 
aforementioned in claim 1 above, further comprising reconciling two separate application 
sessions requesting the use of the same reserved network address of the second type and the first 
port while at least the first port associated with one of the application sessions is not replaceable 
[Bhatia -- Col. 14 lines 13-67 - Col. 15 lines 1-13 and Col. 16 lines 56-67 - Col. 17 lines 1-13 
- Packets, upon returning, have the same destination IP address of the LAN modem and in 
order to find out which private client to route the packets to, the unique port number is 
used as a lookup to determine which source IP/port pair to route the particular packets to. 
Because one of the ports is replaceable, the two clients will have unique port numbers]. 

Regarding claim 12, Bhatia teaches the invention substantially as claimed, a computer 
program [Bhatia ~ Col. 8 lines 64-67 - Col. 9 lines 1-7] for dynamically managing port and 
network addresses, the computer program comprising; 
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instructions for obtaining a first port for an application session, the application session 
communicating with at least one computer outside of the first network [Bhatia — Col. 13 lines 
12-59 (Table 1) - Initial packet is sent from client workstation to LAN modem containing a 
private source IP and private port, after the session have obtained it,] ; 

instructions for exchanging information for reserving a registered network address and, if 
the first port is replaceable, for dynamically assigning a second port [Bhatia Col. 14 lines 4-59 
- LAN modem uses the information contained in the outgoing packet to reserve and 
replace the source IP address and source port with a public, i.e. registered, source IP 
address and unique public, i.e. registered, port in order to allow communication outside the 
private network. The port is replaced to a unique port, thereby implying the port is 
replaceable; otherwise the port would not have been replaced]; 

instructions for using the reserved registered network address and the dynamically 
assigned port for completing communications of the application session [Bhatia Col. 16 lines 
31-41 - Using both the public, i.e. registered, IP address, i.e. address of the second type, 
and the publicly assigned port, communication with the remote server is begun ], 

wherein the information exchanged indicates a network address and port for the computer 
outside of the first network communicating with the application session [Bhatia — Col. 13 lines 
12-24 - Information exchanged with LAN modem device contains the IP address and port 
of the server, i.e. destination node or computer outside of the first network]. 
Bhatia fails to explicitly teach a DPM driver exchanging information with a DPM server in order 
to communicate and provide intelligent NAT services. 
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Gbadegesin, however, discloses a transparent proxy on the network gateway machine, i.e. DPM 
server, which can be initiated by the NAT API, i.e. DPM driver, on the client for exchanging 
information regarding the source and destination ports and addresses [Gbadegesin Col. 8 lines 
31-67 -Col. 9 lines 1-5]. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to incorporate the intelligent NAT services by providing a transparent proxy API library in 
communication with a NAT API, as taught by Gbadegesin into the invention of Bhatia, in order 
to provide intelligence and value added network services which does not lead to performance 
degradation [Gbadegesin — CoL 3 lines 30-34]. 

Regarding claims 13 and 16, 14 and 17, these are computer program claims 
corresponding to the method claimed in claims 2 and 6, 7 and 8. They have similar limitations; 
therefore, claims 13 and 16, 14 and 17 are rejected under the same rationale. 



7. Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Bhatia et al. (U.S. 
6,563,824) and Gbadegesin (U.S. 6,754,709), as applied to claim 1 above, in view of Border et 
al. (U.S. 2002/0133596). 
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Regarding claim 3, Bhatia-Gbadegesin teach the invention substantially as claimed, as 
aforementioned in claim 1 above, but fails to explicitly teach detecting whether the first port for 
the application session is replaceable. 

Border, however, discloses selective port replacement, i.e. spoofing, which examines any 
number of criteria from the TCP packet, i.e. specific application, source IP, source port, etc., to 
determine if replacement, i.e. spoofing, can occur [Border Page 3 paragraph [0026] and 
paragraphs [0028-0029]]. Although selective spoofer resides on the network gateway device 
and not on the client, Border teaches that the functionality can be on any existing network 
element, i.e. host [Border— Page 5 paragraph [0059]]. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to incorporate the detecting, i.e. determining, of whether port replacement, i.e. spoofing, can 
occur, as taught by Border into the invention of Bhatia-Gbadegesin, in order to achieve the 
benefit of a higher throughput to only the specific application sessions or users that need the 
benefit [Border Page 2 paragraph [0015] and page 3 paragraph [0029]]. 

8. Claims 4 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over Bhatia et 
al. (U.S. 6,563,824) and Gbadegesin (U.S. 6,754,709), as applied to claims 1 and 12 above 
respectively, in view of Border et al. (US 2002/0133596) and Rao (U.S. 6,535,51 1). 

Regarding claim 4, Bhatia-Gbadegesin-Border teach the invention substantially as 
claimed including checking whether the first port is replaceable by the DPM server [Border — 
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Page 3 paragraph [0026] and paragraphs [0028-0029] - Selective spoofer determines if the 
application is eligible for spoofing, Le. port replacement, based upon various criteria in the 
TCP packet, i.e. specific application, source address or source port]. 

Bhatia-Gbadegesin-Border fail to explicitly teach extracting the network address and port for the 
second, i.e. destination node, from the data segment of a packet. 

Rao, however, discloses a method for embedding addressing information in a packet which 
extracts from the payload data section of a packet, i.e. data segment, addressing information to 
set up a communication session with another packet [Rao Col. 3 lines 65-67 - Col. 4 lines 1-8 
and Col. 5 lines 25-32 - Address information is extracted from payload data necessary to 
begin communication session. This information, therefore, would require the destination 
address information of the server, i.e. second, node and port information in order for 
communication to be established]. 

It would have been obvious to a person of ordinary skill in the art at the time the invention was 
made to incorporate the extracting of address information from the payload data section of a 
packet, as taught by Rao into the invention of Bhatia-Gbadegesin-Border, in order to reduce the 
number of packets to initiate a session by embedding all the necessary information in the payload 
data. 

Regarding claim 15, this is a computer program claim corresponding to the method 
claimed in claim 4. It has similar limitations; therefore, claim 15 is rejected under the same 
rationale. 
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9. Claims 1 1 and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over Bhatia 
et al. (U.S. 6,563,824) and Gbadegesin (U.S. 6,754,709), as applied to claims 1 and 17 above 
respectively, in view of Molitor (U.S. 6,661,799). 

Regarding claim 11, Bhatia-Gbadegesin teach the invention substantially as claimed, as 
aforementioned in claim 1 above, including the DPM driver, but fail to explicitly teach 
responding to a request from the application session inquiring the network address and port used 
by the session with the public network address of the second type and the assigned port. 
Molitor, however, discloses a system in which the remote application session makes an inquiry 
to an address manager to inquire the public address and port which the originating session will be 
using for communication [Molitor - CoL 10 lines 47-53]. While this functionality is in the 
opposite direction, it would have been obvious to a person of ordinary skill in the art that the 
same functionality could be applied to the originating application session to inquire about the 
public address/port pair which it will use in the communication session. See In re Gazda, 219 
F.2d 449, 104 USPQ 400 (CCPA 1955). 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to incorporate the inquiry requests by the application session for the public 
network address and port which will be used for communication, as taught by Molitor into the 
invention of Bhatia-Gbadegesin, in order to obtain necessary information about which 
addresses/ports that will be used which may be useful in implementing security features 
[Molitor CoL 10 lines 50-51]. 
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Regarding claim 19, this is a computer program claim corresponding to the method 
claimed in claim 1 1 above. It has similar limitations; therefore, claim 19 is rejected under the 
same rationale. 

10. Claims 20, 21 and 23 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Bhatia et al. (U.S. 6,563,824) in view of Gbadegesin (U.S. 6,754,709) and further in view of Rao 
(U.S. 6,535,511) and Border et al. (US 2002/0133596). 

Regarding claim 20, Bhatia teaches a method for dynamically managing port and 
network addresses for a first network, the method comprising: 

obtaining a first port for an application session, the application session communicating 
with at least one computer outside of the network [Bhatia — Col. 13 lines 12-59 (Table 1) - 
Initial packet is sent from client workstation to LAN modem containing a private source IP 
and private port, after the session has obtained it, for communicating with a second node]; 
and 

reserving a registered network address by exchanging information and dynamically 
assigning a second port to replace the first port for the application session if the first port is 
replaceable [Bhatia — Col. 14 lines 4-59 - LAN modem uses the information contained in the 
outgoing packet to reserve and replace the source IP address and source port with a public, 
i.e. registered, source IP address and unique public, i.e. registered, port in order to allow 
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communication outside the private network. The port is replaced to a unique port, thereby 
implying the port is replaceable; otherwise the port would not have been replaced]; 

Bhatia fails to explicitly teach detecting whether a port is replaceable, extracting the network 
address and port for the computer outside of the first network from the data segment of a packet, 
including the network address and port for the computer outside of the first network as a 
destination network address and destination port for at least one data packet of the application 
session initiated by the computer of the first network, and assigning the reserved network address 
and either the first or second port as a source network address and source port for the packet. 
Border, however, discloses selective port replacement, i.e. spoofing, which examines any 
number of criteria from the TCP packet, i.e. specific application, source IP, source port, etc., to 
determine if replacement, i.e. spoofing, can occur [Border — Page 3 paragraph [0026] and 
paragraphs [0028-0029]]. Although selective spoofer resides on the network gateway device 
and not on the client, Border teaches that the functionality can be on any existing network 
element, i.e. host [Border— Page 5 paragraph [0059]]. 

In addition, Rao, however, discloses a method for embedding addressing information in a packet 
which extracts from the payload data section of a packet, i.e. data segment, addressing 
information to set up a communication session with another packet [Rao -- Col. 3 lines 65-67 - 
Col. 4 lines 1-8 and Col. 5 lines 25-32 - Address information is extracted from payload data 
necessary to begin communication session. This information, therefore, would require the 
destination address information of the server, i.e. second, node and port information in 
order for communication to be established]. 
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Furthermore, Gbadegesin discloses a transparent proxy on the network gateway machine, i.e. 
DPM server, which can be initiated by the NAT API, i.e. DPM driver, on the client for 
exchanging information regarding the source and destination ports and addresses [Gbadegesin — 
CoL 8 lines 31-67 - CoL 9 lines 1-5] along with including, by the DPM server, i.e. transparent 
proxy, the network address and port for the second node as a destination network address and 
destination port for one or more data packets of the application session initiated by the first node 
[Gbadegesin — Col. 8 lines 57-67 - Col. 9 lines 1-5 and lines 26-44 - Proxy forwards client 
request to original server by replacing the destination address with the original destination 
address/port of the server]; and assigning the network address of the second type and the first 
port or the second port if the first port is replaceable as a source network address and source port 
for the data packets of the application session initiated by the first node [Gbadegesin -- CoL 8 
lines 57-67 - CoL 9 lines 1-5 and lines 26-44 - Transparent proxy, similarly, replaces the 
source address/port for the packet to the original source address/port]. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to incorporate the intelligent NAT services by providing a transparent proxy API library in 
communication with a NAT API along with including the network address ad port of the 
destination computer as the destination address in the packet and the reserved network address 
and port as the source address and port of the packet, as taught by Gbadegesin, in addition to the 
detecting whether the first port is replaceable, as taught by Border, and furthermore extracting 
the network address and port from the data segment/payload portion of the packet, as taught by 
Rao into the invention of Bhatia, in order to provide intelligence and value added network 
services which does not lead to performance degradation [Gbadegesin — Col. 3 lines 30-34], to 
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achieve the benefit of a higher throughput to only the specific application sessions or users that 
need the benefit [Border Page 2 paragraph [0015] and page 3 paragraph [0029]] and 

finally to reduce the number of packets to initiate a session by embedding all the necessary 
information in the payload data. 

Regarding claims 21 and 23, these are method claims corresponding to the method 
claimed in claims 7 and 8 above respectively. They have similar limitations; therefore, claims 21 
and 23 are rejected under the same rationale. 



11. Claim 24 is rejected under 35 U.S.C. 103(a) as being unpatentable over Bhatia et al. (U.S. 
6,563,824), Gbadegesin (U.S. 6,754,709), Rao (U.S. 6,535,51 1) and Border et al. (US 
2002/0133596), as applied to claim 20 above, in view of Molitor (U.S. 6,661,799). 

Regarding claim 24, this is a method claim corresponding to the method claimed in claim 
1 1 above. It has similar limitations; therefore, claim 24 is rejected under the same rationale. 
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Allowable Subject Matter 

12. Claims 9-10, 18 and 22 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of the 
base claim and any intervening claims. 



Conclusion 

13. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Borella et al. (U.S. 6,353,614) disclose a method and protocol for distributed network 
address translation. 

- Tokuyo et al. (US 2001/0017862) discloses a system and method for rewriting 
information in a packet header by an intermediary router. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Thomas J. Mauro Jr. whose telephone number is 703-605-1234. 
The examiner can normally be reached on M-F 8:00a.m. - 4:30p.m.. t 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A. Wiley can be reached on 703-308-5221. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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